Data processing device, method of same, and program of same

ABSTRACT

A data processing device, in a system performing authentication among a plurality of storage device (IC cards etc.), able to maintain security of authentication at other device even when secrecy of key data held by part of the devices is lost, wherein a key generation unit generates individual key data unique to an IC card based on identification data unique to the IC cards received from the ICs of the IC cards and a card processing unit performs mutual authentication with the IC based on the individual key data.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to a data processing device forauthentication with a service data storing device by using key data anda method and program of the same.

[0003] 2. Description of the Related Art

[0004] For example, when providing various services using an integratedcircuit (IC) card etc., there is a system of the IC card and theauthenticating device holding common key data and using the key data forauthentication. Such a system stores key data common to a plurality ofIC cards for the plurality of IC cards issued by a service provider.

[0005] In the above system, therefore, there is a problem that when partof IC cards lost secrecy of the key data stored in the IC cards,security no longer could be maintained for all of the IC cards. Further,as a countermeasure for this, it becomes necessary to replace the keydata leaked to the outside by a new key data, but there has the problemof being troublesome.

SUMMARY OF THE INVENTION

[0006] An object of the present invention is to provide a dataprocessing device, in a system performing authentication based on keydata among a plurality of the device to be authenticated (IC cards),able to maintain the security of authentication at other devices even ifthe secrecy of the key data kept by part of the devices were lost, and amethod and program of the same.

[0007] To attain the above object, according to a first aspect of theinvention, there is provided a data processing device comprising a keygenerating means for generating individual key data unique tocorresponding devices to be authenticated based on individual dataunique to each device and an authenticating means for performingauthentication with a corresponding device based on the individual keydata generated by the key generating means.

[0008] The mode of operation of the data processing device of the firstaspect of the invention is as follows: The key generating meansgenerates individual key data unique to devices to be authenticatedbased on individual data unique to the device received from the device.Next, the authenticating means authentication with the device based onthe individual key data generated by the key generating means.

[0009] Preferably, the key generating means selects a key generationalgorithm corresponding to a designated processing content among aplurality of key generation algorithms defined corresponding to aplurality of processing contents to be performed after theauthentication and generates the individual key data unique to thedevice based on the selected key generation algorithm. Further, the dataprocessor preferably further has a key managing means for holding fixedkey data common to the plurality of devices, and the authenticatingmeans performs first authentication performed using the fixed key dataand second authentication performed using second the individual keydata.

[0010] According to a second aspect of the invention, there is provideda data processing device, comprising an authenticating means confirminglegitimacy of device by authentication, then performing processinglinked with the device; a key managing means for holding fixed key datacommon to a plurality of device and providing fixed key datacorresponding to a first request from a device to the authenticatingmeans; and a key generating means for generating individual key dataunique to devices based on individual data unique to the devices inaccordance with a second request from the key managing means andproviding the individual key data to the key managing means, wherein thekey managing means provides the held fixed key data to theauthenticating means when the fixed key data is corresponded to thefirst request and outputs the fixed data received from the device to thekey generating means corresponding to the second request and providesthe individual key data generated at the key generating means to theauthenticating means when the individual key data is corresponded to thefirst request, and the authenticating means performs the authenticationbased on the fixed key data or the individual key data received from thekey managing means.

[0011] The mode of operation of the data processing device of the secondaspect of the invention is as follows. The authenticating means issues afirst request to the key managing means. Then, the key managing meansprovides held fixed key data to the authenticating means when the fixedkey data is corresponded to the first request. The authenticating meansperforms authentication with the device based on the key data receivedfrom the authenticating means. The key managing means outputs individualdata unique to the device received from the device to the key generatingmeans corresponding to the second request when the individual key datais corresponded to the first request. The key generating means generatesindividual key data based on the individual data in accordance with thesecond request and provides this to the key managing means. The keymanaging means provides the individual key data received from the keygenerating means to the authenticating means. The authenticating meansperforms the authentication with the device based on the key datareceived from the key managing means.

[0012] According to a third aspect of the invention, there is provided adata processing method comprising a first step of generating individualkey data based on individual data unique to a device received from adevice and a second step of communicating with the device based on theindividual key data generated in the first step to perform theauthentication.

[0013] According to a fourth aspect of the invention, there is provideda program to be executed by a data processor, comprising a first routinefor generating individual key data unique to a device based onindividual data unique to the device received from a device and a secondroutine for communicating with the device based on the individual keydata generated by the first routine to perform authentication.

[0014] According to a fifth aspect of the invention, there is provided asecure application module comprising: a key generating circuit forgenerating individual key data unique to corresponding devices to beauthenticated based on individual data unique to each device and anauthenticating circuit for performing authentication with acorresponding device based on the individual key data generated by thekey generating circuit.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] The above object and features of the present invention will bemore apparent from the following description of the preferredembodiments given with reference to the accompanying drawings, wherein:

[0016]FIG. 1 is a view of the configuration of a card system of anembodiment of the present invention;

[0017]FIG. 2 is a view of the configuration of an IC built in an IC cardshown in FIG. 1;

[0018]FIG. 3 is a diagram for explaining various key data defined in theIC shown in FIG. 1;

[0019]FIG. 4 is a functional block diagram of a SAM shown in FIG. 1;

[0020]FIG. 5 is a view for explaining the processing of the SAM shown inFIG. 4;

[0021]FIG. 6 is a view for explaining registration of key managementdata in the SAM shown in FIG. 5;

[0022]FIG. 7 is a flow chart for explaining a routine for generation ofindividual key data in a key generation unit shown in FIG. 5;

[0023]FIG. 8 is a flow chart for explaining a routine for registrationof key management data in the SAM shown in FIG. 5;

[0024]FIG. 9 is a flow chart for explaining an example of an operationwhen performing processing concerning a service between the IC of the ICcard shown in FIG. 5 and the SAM;

[0025]FIG. 10 is a flow chart continuing from FIG. 9 for explaining anexample of an operation when performing processing concerning a servicebetween the IC of the IC card shown in FIG. 5 and the SAM; and

[0026]FIG. 11 is a view for explaining a modification of the SAM of thecard system of the present invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0027] Below, an explanation will be given of a card system according toan embodiment of the present invention. FIG. 1 is a view of theconfiguration of a card system 1 of the present embodiment. As shown inFIG. 1, the card system 1 performs processing concerning a predeterminedservice in linkage after an IC 15 of the IC card 10 and a secureapplication module (SAM) 12 perform authentication via for example areader/writer (R/W) 11. Here, the SAM 12 corresponds to the dataprocessor of the present invention, and the IC 15 corresponds to thedevice of the present invention. The IC stores service data relating toat least one service. The SAM communicates with a semiconductor devicesuch as IC card, portable electronic device which has an IC cardfunction. Further, a management device 13 registers a key package KPstoring key data etc. used for mutual authentication between the SAM 12and the IC 15 into the SAM 12. Further, a manager of the SAM 12, forexample, a provider of the predetermined service utilizing the IC card10, issues the IC card 10 to each of a plurality of users.

[0028] The IC 15 stores data concerning various services received by auser of the IC 15 and file data of programs by utilizing the SAM 12 andis set with utilization rights for services using the file data.Concretely, the IC 15 and the SAM 12 perform processing concerned with aservice in linkage conditional on the IC 15 and the SAM 12 performingmutual authentication based on the key data corresponding to thedesignated service and confirm mutual legitimacy. In the presentembodiment, the IC card 10 issued to each of the plurality of users isallocated key data (individual key data of the present invention) uniqueto individual IC cards 10 as part of the key data used for theauthentication. Then, the SAM 12 receives as input identification dataIDM such as a serial number allocated uniquely to the IC card 10 at thetime of production and generates key data used for the authentication bya predetermined algorithm based on this identification data IDM.

[0029] Below, an explanation will be given of the components shown inFIG. 1.

[0030] [IC 15]

[0031]FIG. 2 is a view of the configuration of an IC 15 built into theIC card 10 shown in FIG. 1. As shown in FIG. 2, the IC 15 has forexample an interface 21, a memory 22, and a CPU 23 connected via aninternal bus 20. The interface 21 transfers data between with the SAM 12via the R/W 11. The memory 22 stores the data used for processingconcerning various services received by the user of the IC 15 and filedata of programs by utilizing the SAM 12. Further, the memory 22 storesvarious key data used for authentication with the SAM 12 before theprocessing concerning the service. Further, the memory 22 stores theidentification data IDM unique to the individual IC card 10.

[0032] Note that the SAM 12 performs for example mutual authenticationbased on the key data corresponding to the system code commonlyallocated to the SAM 12 of the same model and authorizes access to theIC 15 conditional on mutual legitimacy being confirmed by the mutualauthentication. Further, the memory 22 stores the file data of variousservices in the area as folders having hierarchical structures. The SAM12 performs mutual authentication based on the key data corresponding tothe area code of the area in the memory 22 and authorizes access to therelated area conditional on mutual legitimacy being authenticated by themutual authentication. Further, the SAM 12 performs the mutualauthentication based on the key data corresponding to the service codeof the file data stored in the area and authorizes access to the relatedfile data conditional on mutual legitimacy being authenticated by themutual authentication.

[0033] In the present embodiment, as shown in FIG. 3, the fixed key dataand the individual key data are defined as the type of the key datadefined as mentioned above concerning the IC 15. The fixed key data isfor example key data having the same value so far as the location on thefile system is the same among the ICs 15 of a plurality of IC cards 10.The individual key data is key data having different values even if thelocation on the file system is the same among the ICs 15 of a pluralityof IC cards 10. Namely, the individual key data is key data unique tothe ICs 15 of a plurality of IC cards 10. Note that the IC 15 performsprocessing without specifying either of the fixed key data or theindividual key data as the key data.

[0034] The CPU 23 transfers data with the SAM 12 via the interface 21and the R/W 11 to perform mutual authentication with the SAM 12 based onthe program read out from the memory 22 and the key data. Further, whenconfirming mutual legitimacy by the mutual authentication, the CPU 23executes the processing concerning the service corresponding to the keydata used in the mutual authentication while being corresponded to theSAM 12. Further, the CPU 23 decodes the enciphered key package via theinterface 21 in accordance with an operation of the manager whosepredetermined right has been authenticated and writes the key data inthe decoded key package into the memory 22 at the time of for examplethe issuance of the IC card 10.

[0035] [SAM 12]

[0036]FIG. 4 is a functional block diagram of the SAM 12 shown inFIG. 1. As shown in FIG. 4, the SAM 12 has for example an interface 31,a card processing unit 32, a key management unit 33, and a keygeneration unit 34 connected via an internal bus 30. Here, the cardprocessing unit 32 corresponds to the authenticating means of thepresent invention, the key management unit 33 corresponds to the keymanaging means of the present invention, and the key generation unit 34corresponds to the key generating means of the present invention. It isalso possible to realize all or part of the card processing unit 32, thekey management unit 33, and the key generation unit 34 shown in FIG. 4by hardware such as a circuit or realize them by executing a program(program of the present invention) by the CPU (data processor of thepresent invention). At least one of the interface 31, the cardprocessing unit 32, the key management unit 33, and the key generationunit 34 may be realized by a circuit.

[0037] The interface 31 transfers data transfer with the IC 15 via theR/W 11 shown in FIG. 1. The card processing unit 32 performs the mutualauthentication with the IC 15 of the IC card 10 via the interface 31based on the key data input from the key management unit 33 and, whenconfirming the mutual legitimacy by the mutual authentication, performsprocessing concerning the designated service while being corresponded tothe IC 15. The card processing unit 32 realizes various functions byexecuting application programs. The card processing unit 32 performs themutual authentication with the IC 15 based on the key data input fromthe key management unit 33.

[0038] The key management unit 33 holds key management data KMD formanaging the key data used for the mutual authentication etc. The keymanagement data KMD indicates the identification data SID, the key dataK, and the key property data KPD linked together as shown in FIG. 5. Theidentification data SID is the data for identifying the service (filedata) to be performed by the SAM 12 while being corresponded to the IC15 and the storage area (folder) etc. for accessing the IC 15 along withthe service. The identification data SID is for example the system codeinput from the IC 15, the area code, or the service code. The key data Kis key data used for the mutual authentication with the IC 15 performedpreceding the service. The key property data. KPD is data indicatingwhich of the fixed key data or the individual key data is the key dataK.

[0039] The key management unit 33 reads out the key data (fixed keydata) K corresponding to the identification data SID from the keymanagement data KMD and outputs it to the card processing unit 32 wherethe identification data SID in the key request KREQ from the cardprocessing unit 32 is corresponded to the fixed key data based on thekey property data KPD of the key management data KMD. On the other hand,the key management unit 33 requests the identification data IDM (requestIDM_REQ in FIG. 5) from the card processing unit 32 where theidentification data SID in the key request KREQ from the card processingunit 32 is corresponded to the individual key data based on the keyproperty data KPD of the key management data KMD and outputs theidentification data IDM input in accordance with that, theidentification data SID, and the key data K (key data KO in FIG. 5)corresponding to the identification data SID extracted from the keymanagement data KMD to the key generation unit 34.

[0040] The key management data KM is set in the key management unit 33for example as follows. Namely, the management device 13 shown in FIG. 1generates the key package data KP obtained by enciphering the keymanagement data KMD by setting use master key data. KPM and outputs thisto the SAM 12 as shown in FIG. 6. The SAM 12 decodes the key packagedata KP input via the interface 31 by using the setting use master keydata KPM at the key management unit 33 shown in FIG. 4 or a notillustrated decoding unit and holds this. Here, by a business settingthe key management data KMD in the key management unit 33 for providingthe service using the SAM 12, the business can manage keys in a securestate and with a high degree of freedom. Note that the key data KOserving as the source of generation of the individual keys stored in thekey management data KMD is not the individual key data KI itself.Therefore, even if the secrecy of the key management data KMD is lost,the secrecy of the individual key data KI per se is not lost.

[0041] The key generation unit 34 executes the individual key generationprogram KPRG based on the master key data KM, the identification dataIDM input from the key management unit 33, the identification data SID,and the key data K (KO), generates the key data (individual key data)KI, and outputs this to the key management unit 33. The key managementunit 33 outputs the key data KI input from the key generation unit 34 tothe card processing unit 32. The key generation unit 34 generates thekey data KI by the routines shown in FIG. 7. The routines shown in FIG.7 are described in the individual key generation program KPRG. Below,the steps shown in FIG. 7 will be explained.

[0042] Step ST11:

[0043] The key generation unit 34 receives as input the identificationdata IDM, the identification data SID, and the key data K (KO) from thekey management unit 33.

[0044] Step ST12:

[0045] The key generation unit 34 adds the identification data SID, theidentification data IDM, and the master key data KM to generate the dataX.

[0046] Step ST13:

[0047] The key generation unit 34 rotate-shifts the right of the keydata K (KO) by exactly the amount of the value of the data X to generatethe individual key data KI.

[0048] Step ST14:

[0049] The key generation unit 34 outputs the individual key data KIgenerated at step ST13 to the key management unit 33.

[0050] Note that it is also possible for the key generation unit 34 toprepare programs of different algorithms for example for everyprocessing content with the IC 15, for example, for every location ofthe processing target on the file system, for example for every areacode, as the individual key generation program KPRG used for thegeneration of the key data KI, select the program corresponding to thedesignated identification data SID, and execute the program. Further, itis also possible for the key generation unit 34 to generate theindividual key data KI without using the master key data KM. Further,the generation routines of the individual key data shown in FIG. 7 areone example. The present invention is not limited to this.

[0051] In this way, by the key generation unit 34 generating theindividual key data by using the identification data IDM, theidentification data SID, and the key data K (KO) other than the masterkey data KM, it can impart a role equivalent to the master key data tothe data relating to key generation. For this reason, the settingsconcerning the key data used for the authentication by a business etc.having the right concerning the setting of the key management data KMDcan be freely changed. Further, as mentioned above, by generating theindividual key data based on the different algorithms by the individualkey generation program KPRG based on the location etc. on the filesystem, the security can be raised more. Namely, even if the logic forpart of the area service is leaked, the security of the other areaservice can be kept.

[0052] Below, an example of the operation of the card system 1 shown inFIG. 1 will be explained.

[0053] [First Example of Operation]

[0054] In the related example of operation, a case where the keymanagement data KMD was set in the SAM 12 will be explained. FIG. 8 is aflow chart for explaining this example of operation.

[0055] Step ST21:

[0056] The management device 13 shown in FIG. 1 generates the keypackage data KP obtained by enciphering the key management data KMD bythe setting use master key data KPM and outputs this to the SAM 12 asshown in FIG. 6.

[0057] Step ST22:

[0058] The SAM 12 decodes the key package data KP input via theinterface 31 by using the setting use master key data KPM at the keymanagement unit 33 shown in FIG. 4 or a not illustrated decoding unit togenerate the key management data KMD.

[0059] Step ST23:

[0060] The key management unit 33 holds the key management data KMDgenerated at step ST22.

[0061] [Second Example of Operation]

[0062] In this example of operation, the example of operation in a casewhere processing concerning a service is carried out between the IC 15of an IC card 10 b and the SAM 12 will be explained based on FIG. 5.FIG. 9 and FIG. 10 are flow charts for explaining this example ofoperation.

[0063] Step ST31:

[0064] The user loads the IC card 10 in the R/W 11 shown in FIG. 1 anddesignates the service it desires by using for example the operationunit provided in the R/W 11. Note that, it is also possible if the IC 15or the SAM 12 automatically designates the service. Due to this, theidentification data SID of the designated service is output from the IC15 to the SAM 12, and the identification data IDM read out from thememory 22 of the IC 15 is output to the SAM 12.

[0065] Step ST32:

[0066] The card processing unit 32 outputs the key request KREQincluding the identification data SID input at step ST31 to the keymanagement unit 33.

[0067] Step ST33:

[0068] The key management unit 33 specifies which of the individual keyor the fixed key the key data K corresponding to the identification dataSID included in the key request KREQ input at step ST22 is.

[0069] Step ST34:

[0070] When the key management unit 33 specifies the fixed key at stepST33, the operation routine proceeds to step ST33, and while when itspecifies the individual key, the operation routine proceeds to stepST38.

[0071] Step ST35:

[0072] The key management unit 33 acquires the key data (fixed key data)corresponding to the identification data SID input at step ST32 byreferring to the key management data KMD.

[0073] Step ST36:

[0074] The key management unit 33 outputs the key data obtained at stepST35 or the key data input from the key generation unit 34 at step ST42mentioned later to the card processing unit 32.

[0075] Step ST37:

[0076] The card processing unit 32 performs the mutual authenticationwith the IC 15 based on the key data input at step ST36 and, when itconfirms the mutual legitimacy, performs the service processingcorresponding to the identification data SID input at step ST31 whilebeing corresponded to the IC 15.

[0077] Step ST38:

[0078] The key management unit 33 outputs a request IDM_REQ forrequesting identification data IDM to the card processing unit 32 whenthe key is identified as an individual key at step ST34.

[0079] Step ST39:

[0080] The card processing unit 32 outputs the identification data IDMinput from the IC 15 at step ST31 to the key management unit 33 inaccordance with the request IDM_REQ input at step ST38.

[0081] Step ST40:

[0082] The key management unit 33 reads out the key data KOcorresponding to the identification data SID from the key managementdata KMD. Then, the key management unit 33 outputs the key data KO, theidentification data IDM input at step ST39, and the identification dataSID input at step ST32 to the key generation unit 34.

[0083] Step ST41:

[0084] The key generation unit 34 generates the individual key data KIby using the key data etc. input at step ST33 by the routines explainedby using FIG. 7.

[0085] Step ST42:

[0086] The key generation unit 34 outputs the individual key data KIinput at step ST41 to the key management unit 33.

[0087] The operation of the card system 1 explained based on FIG. 9 andFIG. 10 is applied to for example a ticket issuance service definedcorresponding to the individual key data. When the user operates the R/W11 to designate the ticket issuance service, the identification data SIDcorresponding to the ticket issuance service is output to the SAM 12. Atthe SAM 12, the identification data SID of the ticket issuance serviceis corresponded to for example the key property data KPD indicating theindividual key in the key management data KMD, so the key managementunit 33 makes the key generation unit 34 generate the individual keydata KI. Then, the card processing unit 32 performs the mutualauthentication with the IC 15 based on the generated individual key dataKI. Then, the card processing unit 32 enciphers the ticket issuance databy using the fixed key data in the key management data KMD according toneed when confirming the legitimacy of the IC 15 by the mutualauthentication and outputs the same to the IC 15.

[0088] As explained above, at the card system 1, before the processingof the service between the SAM 12 and the IC 15, the SAM 12 generatesindividual key data KI unique to the IC 15 based on the identificationdata IDM unique to the IC card 10 (IC 15) received from the IC 15 andperforms the mutual authentication with the IC 15 based on theindividual key data KI. For this reason, even if the secrecy of theindividual key data KI of part of the IC cards 10 among the plurality ofIC cards 10 is lost, the secrecy of the individual key data of the otherIC cards 10 is not lost and the security can be raised.

[0089] Further, according to the card system 1, the identification dataSID for identifying the service etc. is output from the IC 15 to the SAM12 and the algorithm of the individual key generation is switched basedon the identification data SID at the SAM 12, so the secrecy of theindividual key data based on other algorithms can be kept when thesecrecy of one algorithm is lost.

[0090] Further, according to the card system 1, the identification dataSID for identifying the service etc. is output from the IC 15 to the SAM12 and it is decided at the SAM 12 based on the identification data SIDwhich of the individual key or the fixed key the key data used for theauthentication is. Therefore, the IC 15 can perform the processingwithout being aware of which of the individual key or the fixed key thekey data used for the authentication is.

[0091] Further, according to the card system 1, the key management unit33 switches the processing corresponding to the individual key or thefixed key. Therefore, the card processing unit 32 can perform theprocessing without specifying which of the individual key or the fixedkey the key data to be used for the authentication is. For this reason,the load accompanying development of a card processing unit 32 can bereduced and, at the same time, the leakage of information concerningauthentication using individual keys to the developers of the cardprocessing unit 32 can be prevented.

[0092] Further, according to the card system 1, in the key specifyingdata KPD of the key management data KMD, by determining the property ofthe key data as fixed key for all key data, compatibility with a systemusing only fixed keys can be achieved.

[0093] Further, according to the card system 1, independent from theoperation of the card processing unit 32, the processing concerned withthe individual key data is carried out based on the key management dataKMD at the key management unit 33. Therefore, the information concerningthe individual key data can be prevented from being divulged to thedeveloper of the application program of the card processing unit 32.Namely, the information concerning the individual key data can belimited to only a setter/developer of the key management data KMD andthe individual key generation program KPRG, and a high security can berealized.

[0094] According to the card system 1, by generating the individual keydata based on the identification data IDM as mentioned above, the SAM 12does not have to store the individual key data of all IC cards 10, socan be configured by using a small scale memory.

[0095] The present invention is not limited to the above embodiment. Forexample, in the present invention, it is also possible to configure aSAM 12 a not by using the key management unit 33, but by using a cardprocessing unit 32 a and a key generation unit 34 a. In this case, thecard processing unit 32 a receives as input the identification data IDMand SID from the IC 15 of the IC card 10 b and outputs them to the keygeneration unit 34 a. The key generation unit 34 a generates theindividual key data KI by using the identification data IDM and SIDinput from the card processing unit 32 a and outputs them to the cardprocessing unit 32 a. Then, the card processing unit 32 a performs themutual authentication with the IC 15 based on the individual key data KIinput from the key generation unit 34 a.

[0096] Further, in the above embodiment, the IC 15 of the IC card 10 wasillustrated as the device of the present invention, but the device maybe a computer etc. too.

[0097] According to the present invention, a data processing device, ina system performing authentication among a plurality of device to beauthenticated, able to keep the security of the authentication at otherdevices even in a case where the secrecy of the key data held by part ofthe devices is lost and a method and program of the same can beprovided.

[0098] While the invention has been described with reference to specificembodiments chosen for purpose of illustration, it should be apparentthat numerous modifications could be made thereto by those skilled inthe art without departing from the basic concept and scope of theinvention.

What is claimed is:
 1. A data processing device comprising: a keygenerating means for generating individual key data unique tocorresponding devices to be authenticated based on individual dataunique to each device; and an authenticating means for performingauthentication with a corresponding device based on said individual keydata generated by said key generating means.
 2. A data processing deviceas set forth in claim 1, wherein said key generating means selects a keygeneration algorithm corresponding to a designated processing contentamong a plurality of key generation algorithms defined corresponding toa plurality of processing contents to be performed after saidauthentication and generates said individual key data unique to thedevice based on the selected key generation algorithm.
 3. A dataprocessing device as set forth in claim 1, wherein said authenticatingmeans performs authentication with a corresponding based on saidindividual key data and performs processing corresponding to saidindividual key data linked with said device when succeeding in mutualauthentication with said device.
 4. A data processing device as setforth in claim 1, wherein said device, further comprises a key managingmeans for holding fixed key data common to the plurality of devices, andsaid authenticating means performs first authentication performed usingsaid fixed key data and second authentication performed using secondsaid individual key data.
 5. A data processing device as set forth inclaim 4, wherein said authenticating means confirms legitimacy by saidfirst authentication, then performs first processing corresponding tosaid fixed key linked with the device, confirms legitimacy by saidsecond authentication, then performs second processing corresponding tosaid individual key linked with said device.
 6. A data processing deviceas set forth in claim 4, wherein said key managing means holds key datacorresponding to said second authentication and said key generatingmeans generates said individual key data based on individual datareceived from a device and said key data.
 7. A data processing device asset forth in claim 6, wherein said key managing means holdsidentification data for identifying processing to be performed with acorresponding to said key data and said key managing means provides saidkey data corresponding to the identification data of designatedprocessing to said key generating means.
 8. A data processing device asset forth in claim 1, wherein said authenticating means authenticatesexistence of a right relating to processing corresponding to file dataheld by the device with said device based on individual key datagenerated by said key generating means.
 9. A data processing devices setforth in claim 8, wherein when said device holds said file data in afolder having a predetermined hierarchical structure, saidauthenticating means authenticates the existence of a right to access atleast one of said folder and said file data of the device based on saidindividual key data generated by said key generating means.
 10. A dataprocessing device comprising: an authenticating means confirminglegitimacy of a device by authentication, then performing processinglinked with the device; a key managing means for holding fixed key datacommon to a plurality of devices and providing fixed key datacorresponding to a first request from a device to said authenticatingmeans; and a key generating means for generating individual key dataunique to devices based on individual data unique to the devices inaccordance with a second request from said key managing means andproviding the individual key data to said key managing means, whereinsaid key managing means provides the held fixed key data to saidauthenticating means when said fixed key data is corresponded to saidfirst request and outputs said fixed data received from said device tosaid key generating means corresponding to said second request andprovides said individual key data generated at said key generating meansto said authenticating means when said individual key data iscorresponded to said first request, and said authenticating meansperforms said authentication based on said fixed key data or saidindividual key data received from said key managing means.
 11. A dataprocessing method comprising: a first step of generating individual keydata based on individual data unique to a device received from thedevice and a second step of communicating with said device based on theindividual key data generated in said first step to perform theauthentication.
 12. A data processing method as set forth in claim 11,wherein said first step selects a key generation algorithm correspondingto designated processing among a plurality of key generation algorithmsdefined corresponding to a plurality of processings to be performedafter authentication and generates individual key data unique to saiddevice based on a selected key generation algorithm.
 13. A dataprocessing method as set forth in claim 11, further having a third step,after confirming legitimacy with said device at said second step, ofperforming processing corresponding to said individual key data linkedwith said device.
 14. A program to be executed by a data processor,comprising: a first routine for generating individual key data unique tothe device to be authenticated based on individual data unique to thedevice received from a device and a second routine for communicatingwith said device based on the individual key data generated by saidfirst routine to perform authentication.
 15. A secure application modulefor communicating with an IC chip storing service data relating to atleast one service, comprising: a key generating circuit for generatingindividual key data unique to corresponding devices to be authenticatedbased on individual data unique to each device and an authenticatingcircuit for performing authentication with a corresponding based on saidindividual key data generated by said key generating circuit.
 16. Asecure application module as set forth in claim 15, wherein said keygenerating circuit selects a key generation algorithm corresponding to adesignated processing content among a plurality of key generationalgorithms defined corresponding to a plurality of processing contentsto be performed after said authentication and generates said individualkey data unique to the device based on the selected key generationalgorithm.
 17. A secure application module as set forth in claim 15,wherein said authenticating circuit performs authentication with acorresponding device based on said individual key data and performsprocessing corresponding to said individual key data linked with saiddevice when succeeding in mutual authentication with said device.